Out of nowhere Oracle has released an emergency update to address the zero-day vulnerabilities being exploited by many different criminal groups. Surprisingly they included some previously unknown vulnerabilities that we can only assume may also have been in use in the wild. The good news is customers who require Java in their environments can now deploy […]
A potent Java security vulnerability that first appeared earlier this week actually leverages two zero-day flaws. The revelation comes as it emerged Oracle knew about the holes as early as April. Windows, Mac OS X and Linux desktops running multiple browser platforms are all vulnerable to attacks. Exploit code already in circulation first uses a vulnerability to […]
The critical Java vulnerabilities that have security experts cautioning users to disable Java in their browsers are not new discoveries, a security firm claims. On the contrary, Oracle has known about them for months, and it has probably had a patch ready since before an exploit was discovered in the wild. Security Explorations, a startup based in […]
In recent years, the Java development platform has become a favored target for hackers, leading to a growing list of Java-specific vulnerabilities being discovered and exploited by various malware. As such, many security researchers and national computer security organizations caution users to limit their usage of Java, unless required for business reasons, or to remove […]
A new browser-based exploit for a Java vulnerability that allows attackers to execute arbitrary code on client systems has been spotted in the wild – and because of Oracle’s Java patch schedule, it may be some time before a fix becomes widely available. The vulnerability is present in the Java Runtime Environment (JRE) version 1.7 […]
Hackers who stole bank account details for 200,000 Citigroup customers infiltrated the company’s system by exploiting a garden-variety security hole in the company’s website for credit card users, according to a report citing an unnamed security investigator. The New York Times reported that the technique allowed the hackers to leapfrog from account to account on […]
Hackers who last week broke into the website of television network PBS have turned their attention to Sony’s movie division, publishing what appeared to be the email addresses and passwords belonging to at least 50,000 consumers who registered for online promotions. A group called LulzSec claimed responsibility for the attack and said it was achieved […]
The PlayStation network is back in business, hip hip hooray. Sony announced today that the full restoration has begun, fulfilling a promise made a few days ago that all services would be up and running before the week was up. Of course, the company had already broken the promise made prior that all would be […]
Sony has announced all PlayStation network functionality – including access to the PlayStation Store – will be fully restored by the end of the week. While a few areas in Asia will still have features missing – namely countries with very protective regulatory bodies – those of us in the UK can finally get shopping […]
The cost of a criminal intrusion that exposed sensitive data for more than 100 million Sony customers and resulted in a 23-day closure of the PlayStation Network will cost the company at least $171 million, executives said. The estimated cost doesn’t included expenses related to any lawsuits that may be filed in response to the […]